Application No.: 10/076,948 
Haltmeyer 



IN THE CLAIMS 

Please amend claim 9 as follows: 

1 . (Previously presented) A process for controlling the applications that a 
computer user may run on a multi-user system, comprising the steps of: 

automatically using a security executable on the multi-user system in user mode 
to create a list of authorized applications in a database of the multi-user system for the 
computer user when the computer user logs on to the multi-user system; 

attaching a hook function in user mode to all new applications; 

employing the hook function whenever a new application is started to send a 
message to the security executable in user mode, said message including the ID and path 
of the new application; 

receiving said message from the hook function at the security executable and 
correlating to said list to determine whether the new application is authorized; 

answering the message by the security executable when the new application is 
authorized and; 

stopping the new application when the new application is not authorized. 

2. (Previously Presented) A system for controlling the applications that a 
computer user may run on a multi-user system, comprising: 

a security executable in user mode for creating a list of authorized applications in 
a database of the multi-user system for the computer user; 

a hook function which is automatically attached to all new applications in user 
mode when the computer user logs on to the multi-user system; 

means for querying an ID of each said new application; and 

means for sending a message with the application ID and the path of the 
application being examined using said security executable; 

means for retrieving the ID of each new application; 

means for terminating each new application not identified on said list of allowed 
applications; and 
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means for answering a message when the application is identified on said list of 
allowed applications. 

3. Cancelled. 

4. (Previously Presented) The system for controlling the applications that a 
computer user may run according to claim 2, wherein said hook function is attached to 
said new applications by using a system dynamic link library. 

5. Cancelled. 

6. Cancelled. 

7. Cancelled. 

8. Cancelled. 

9. (Currently Amended) A process for controlling the applications that computer 
users may run on a network e nvironment , comprising the steps of: 

using a security executable on the multi user sy s tem network in user mode to 
create and maintain a list of authorized applications in a database of the multi user system 
network and IDs for each computer user when the computer user logs on to the network; 

attaching a hook function to all new applications; 

monitoring all new applications that are started with the hook function and 
determining an application ID thereof; 

receiving said application ID from the hook function by the security executable; 
determining whether the application ID of each started application is on said list; 
allowing said application to continue when its application ID is on the list; and 
terminating said application when its application ID is not on the list. 
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